Misreported structure overruns.



The FindFirstFile function searches a directory for a file whose name matches the specified filename. FindFirstFile examines subdirectory names as well as


HANDLE FindFirstFile(
    LPCTSTR lpFileName,               // pointer to name of file to search for
    LPWIN32_FIND_DATA lpFindFileData  // pointer to returned information
);


BoundsChecker FinalCheck says a call will cause a memory overwrite because it thinks that the function returns 320 bytes to lpFindFileData. However, winbase.h defines WIN32_FIND_DATA as 318 bytes.


This is a case where byte-packing is not handled in a 100% consistent manner. The OS is compiled with structure packing set to 1; however, this structure and a number of others are not packed to 1-byte alignment by a pragma in the header (the packing was done in the makefile). When we get the size of the structure, we use the default compiler settings (which aren't 1 byte), meaning that in certain cases the sizes are different. You can safely suppress such an error.
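The 318 versus 320 discrepancy can be reproduced outside Windows. The following is an added example, not code from this article or from the tool: the struct and helper names are hypothetical, fixed-width types stand in for DWORD and FILETIME in the ANSI layout of WIN32_FIND_DATA, and it assumes a compiler that honours #pragma pack and aligns uint32_t to 4 bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Field list mirroring the ANSI WIN32_FIND_DATA (assumed layout for this
   example; uint32_t replaces DWORD, a uint32_t pair replaces FILETIME). */
#define FIND_DATA_FIELDS          \
    uint32_t dwFileAttributes;    \
    uint32_t ftCreationTime[2];   \
    uint32_t ftLastAccessTime[2]; \
    uint32_t ftLastWriteTime[2];  \
    uint32_t nFileSizeHigh;       \
    uint32_t nFileSizeLow;        \
    uint32_t dwReserved0;         \
    uint32_t dwReserved1;         \
    char     cFileName[260];      \
    char     cAlternateFileName[14];

/* Same fields, once with 1-byte packing and once with compiler defaults. */
#pragma pack(push, 1)
struct find_data_packed { FIND_DATA_FIELDS };
#pragma pack(pop)
struct find_data_default { FIND_DATA_FIELDS };

size_t size_packed(void)  { return sizeof(struct find_data_packed); }
size_t size_default(void) { return sizeof(struct find_data_default); }

/* Nonzero when the last member sits at the same offset in both layouts,
   i.e. the size difference is tail padding only and no field has moved. */
int last_member_offsets_match(void) {
    return offsetof(struct find_data_packed, cAlternateFileName) ==
           offsetof(struct find_data_default, cAlternateFileName);
}

/* Bytes that would land past the end of a buffer of buffer_size if the
   writer believed the structure were writer_size bytes long. */
size_t bytes_past_end(size_t buffer_size, size_t writer_size) {
    return writer_size > buffer_size ? writer_size - buffer_size : 0;
}

int main(void) {
    printf("packed=%zu default=%zu offsets_match=%d reported_overrun=%zu\n",
           size_packed(), size_default(), last_member_offsets_match(),
           bytes_past_end(size_packed(), size_default()));
    return 0;
}
```

Every member is already naturally aligned, so the two extra bytes are padding after cAlternateFileName; a checker that sizes the write with the default layout sees 2 bytes past a 318-byte buffer even though the field data occupies only 318.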

Old KB# 12205